Avoiding the JavaScript trap

Posted at 3:24pm on Saturday May 16th 2009

Hopefully by now you've already read Richard Stallman's article "The JavaScript Trap" - it's a subject we care a lot about here at TuxRadar HQ, so when people ask us questions about the problem of online freedom we do our best to answer as fully as we can.

We're not going to bore you by talking about free beer versus free speech - that's an old argument and one with which we hope you're familiar by now. Instead, we want you to focus on the web services you rely on. Think Google. Think Gmail. Think Twitter, Facebook, Last.fm or any number of others.

Large chunks of your life are likely to rely on these companies continuing to provide their services to you for free, but are they free software? Of course not - but the problem is that most folks don't even consider that question.

In the old days, JavaScript was a simple glue layer that added snippets of functionality to the web. Dynamic HTML meant that web pages could react a little bit to user input. But really it's the rise of Ajax, which enables web pages to send and receive data without reloading the whole page, that's powering a new generation of websites and enabling people to produce increasingly powerful apps that run entirely inside your web browser - you only need look at the Chrome Experiments to see just how much JavaScript can do.

Thanks to its developers, OpenOffice.org is approaching feature parity with Microsoft Office, and Evolution now functions as a drop-in replacement for Microsoft Outlook. But if more people rely on web-based services such as Gmail or Google Docs, which aren't available under a free software licence, aren't we giving up our freedom just as we're on the verge of removing the proprietary shackles once and for all?

This isn't about being online

You might think that OpenOffice.org will always have a place, given that it runs anywhere, anytime. That's true, at least for now, but Google, Adobe, Microsoft and others are committing huge resources to producing software architectures that enable web apps to work as well offline as they do online.

With Gmail, for example, Google's 'Gears' technology stores an offline cache of your inbox so you can carry on working even when your connection is gone. And it's not just partial functionality - you can read emails, write responses and do pretty much anything you'd do online. As soon as you reconnect to the web, Gears sends all the emails sitting in your outbox, just as if you were using a traditional email client.

Google Gears enables JavaScript-based web applications to function offline, making them work locally just like traditional desktop apps.

If you're thinking, "Well, it's one thing getting email to work, but getting their online spreadsheet or word processor to function is much harder," then I'm afraid you're wrong: Google Docs works offline and has done for a year. People are already giving up computer freedoms without even realising it.

Take personal information: Facebook recently tried to change its terms of service so that data you uploaded could be used by the company even after you terminated your account. Users across the world revolted and made the company rethink its plans, but it shows how little control we have over data that's stored on another company's servers.

Being "in the cloud" might set off buzzword alarms, but it does accurately depict the nebulous, uncertain location of our data. Just where are your Google documents stored? If you ever wanted to transfer your Facebook life to a different server, is there a way to move everything you've built there to another site? A lot of people are unnerved by the fact that even if you had the source code and servers powerful enough to run it all, you still wouldn't be able to recreate the sites to which people queue up to donate their data. And a small group of geeks are already taking action.

Identi.ca is a service that's built on the GNU Affero GPL, which is a modified version of the GPL that closes a loophole enabling people to make alterations to GPL software without releasing those changes. (The GPL says you must release your changes only when you distribute them and technically web servers aren't distributing code, as they're run at the server.) Identi.ca is also special because all the content on it is licensed under the Creative Commons Attribution 3.0 licence, so you're able to get all your data off whenever you want to.

Identi.ca is a drop-in free software replacement for Twitter. You can send your messages to other people too.

But what's most significant about Identi.ca is what it does: it's a clone of Twitter, the 140-character microblogging sensation, except it supports OpenID and OpenMicroBlogging as standard. As the Identi.ca developers put it, "the goal here is autonomy - you deserve the right to manage your own online presence. If you don't like how Identi.ca works, you can take your data and the source code and set up your own server (or move your account to another one)."

It comes back to JavaScript

JavaScript is the common denominator behind these services. It's as widespread as HTML, and in fact its use goes far beyond HTML, thanks to other technologies such as XML, SVG and Canvas going hand-in-hand with JavaScript.

In pre-Ajax days, the main problem with using JavaScript was that it could only operate on the information that had already been downloaded. Now that Ajax is used on countless thousands of sites around the world, the next big blocker to truly massive JavaScript web apps is performance.

JavaScript was never really designed for the kinds of heavy lifting it's now being used for, which meant that for a long time few people cared about how fast it ran. This changed with Chrome, Google's web browser, which introduced a new JavaScript engine, V8, that performed faster than any other competing browser, open source or otherwise. Since then, Firefox, Safari and even Internet Explorer have been playing catch-up to Google in the performance stakes. If you thought companies such as Google were doing incredible things with web apps now, just wait until high-speed JavaScript execution becomes standard. When you combine it with offline access, the end result is that full-fat web apps can't be far away.

To many people, the idea of a high-speed, offline-capable Google Docs doesn't sound bad at all. Google seems to have been gunning for Microsoft almost since the company was founded, so going after the old cash cow of Microsoft Office makes sense. And for a lot of folks, it's easy not to care: Google will undoubtedly continue to offer its Docs service at no cost for the forseeable future and people are happy to use it while that continues.

But from a free software perspective, we're fighting a dangerous battle. Trading one closed-source app for another gets us nowhere, even if the new app happens to come from Google. Yes, the company does appear to have a bottomless source of storage and bandwidth, but would you feel happy recommending Google Docs to your friends if it were run by Microsoft? It'd be just as free and just as featureful - but somehow people have been fooled into thinking that Google can be as proprietary as it wants and we ought not to care.

Tim O'Reilly's classic speech, "The Open Source Paradigm Shift", makes it clear that the commoditisation of operating systems is imminent, with the next war being fought in the web app space. In 10 years' time your desktop computer will almost certainly run nearly all your programs over the internet, with your OS being a relatively thin shell that fires up a web browser and points you towards the net. If, in that time, all we've done is trade offline closed-source apps for online closed-source apps, then everything we're fighting for will be worthless. We don't think anyone wants to see that happen.

Your comments

Future shock?

Davey (not verified) - May 16, 2009 @ 7:14pm

JavaScript is free. Chrome is open. Don't know about G Docs. is it proprietary? The argument is confusing because you're not clear on just what these evil apps are. The article here seems more alarmist than Stallman's.

In any case, Stallman's proposal sounds important and reasonable -- worth getting behind wherever we might stand on the "free/nonfree" spectrum otherwise. It even seems like Google might support such a thing, no?

If all this is true,

Anonymous Penguin (not verified) - May 16, 2009 @ 10:47pm

to nail the problem early, what about getting linux into the AGPL ?

this would ensure the people who build their apps now using linux to open up a little now

If by Linux, you mean the

Anonymous Penguin (not verified) - May 17, 2009 @ 1:17am

If by Linux, you mean the kernel, you can't change the license because too many people hold the copyrights and you'd have to get them all to agree or rewrite the parts of the ones you weren't sure about, or so I've heard.

wat about branching the license

Anonymous Penguin (not verified) - May 17, 2009 @ 1:32am

mabe branching from kernal as a open license thrue that into the agpl its already a gpl currently isnt it si branching the lisene like a link-up might work- mabe im wrong but its an idea

Uh, what?

Anonymous Penguin (not verified) - May 17, 2009 @ 1:37am

Just the kind of senseless article I'd expect from mindless sheep. Guess what people? Proprietary software is here to stay. OpenOffice is nowhere near replacing Microsoft, and neither is Google Docs. And guess what? That's okay, because they can all exist in this world at the same time. Market forces decide what people want to use. Sometimes they choose open source software because it has the functionality they need and sometimes they choose proprietary software. It's the features that matter, now and forever more.

Oh really?

Googling for "site:tuxradar.com javascript" shows that you care a lot about JavaScript benchmarks... not so much about this "JavasSript Trap."

What about...

Anonymous Penguin (not verified) - May 17, 2009 @ 4:23am

I was under the impression that Webkit's SquirrelFish was the first major push in the Javascript performance realm. Google's Chrome (and V8) followed up shortly after that offering better performance. A little bit later, Webkit came out with another release: SquirrelFish Extreme, which bested Google's V8 engine.

Meanwhile, Firefox was in the background making regular releases that put it pretty much on par with both engines, albeit somewhat slower.

So, no browsers were really playing "catch up." It was pretty much simultaneous development and Webkit happened to be the first one to make press about it.

interesting

lostson (not verified) - May 17, 2009 @ 11:45am

I am curious as to why you take a stance on this but in the magazine and on this site you praise Mono ? This seems confusing to me, at least google is not microsoft. I agree on several layers and i don't use things like google docs, and i also use Identi as well. Choices sometimes have to be made about what you want to do, but the average user doesn't care too much about licenses or anything else. They are not concerned with politics, they want to enjoy their computers and internet habits. Open Source users are really the only ones who are enlightened about licenses. Sometimes I wish all the politics and licenses arguements would go away I really like Mono and Monodevelop but after doing alot of research and reading a million articles I felt i was being dirty using it. Same with google docs I would not use it because I would rather support Open Office. Oh well my 2 cents anyway.

Natural vs un-natural monopoly

Anonymous Penguin (not verified) - May 17, 2009 @ 4:00pm

I think it's important to differentiate between a natural monopoly, and an unnatural monopoly. A natural monopoly is like where if I owned my gas station on a popular intersection, nobody is forced to use it, but the very position of my location steers customers my way and makes me money. An unnatural monopoly would be where if I had a cozy relationship with a city bureaucrat who imposed and granted gas station licenses. And I got a license, but nobody else in town did.

Microsoft had an unnatural monopoly. They gained their position by using copyright regulations to pound down anybody who dared use their OS without permission, or a licensing fee. Google is a natural monopoly. They own the brand name, they own the fat pipes, and they own the powerful data centres. Now maybe someday google will decide to pound down anybody who dare uses a copy of gmail, but since javascript contains the source, that kind of strategy is unlikely to succeed. With a little bit of tweaking, any competent engineer could make a perfect reverse engineered copy. Anyone with a big data centre and big pipes could take them on, and take them down if they got too arrogant. Notice how yahoo wouldn't let people pop email without charge, and so eventually people got fed up and migrated to google in mass.

The GPL was good, not because it forced people to share, but because it made it so you couldn't criminalize people for copying. So far, it seems the reality with online web apps is that is not an issue.

Google not a must...one can choose.

Gio (not verified) - May 17, 2009 @ 7:39pm

>>Large chunks of your life are likely to rely on these companies continuing to provide their services to you for free,

Not one bit, actually. Email from riseup.net and autistici.org. For office applications, there are so many wonderful applications out there. Not quite sure why we should waste resources in that way (on-line applications).

>>Just the kind of senseless article I'd expect from mindless sheep

Here another emotive rant.

Take care,
Gio

Encryption

Alexander Teinum (not verified) - May 19, 2009 @ 9:18pm

I have to admit that I haven’t given this much thought, but isn’t there a possibility that encryption in one way or another can solve the problem?

I’d love if there were open source alternatives that were as good as Gmail.

In 10 years' time

johnvile - May 21, 2009 @ 7:52am

the soma will kick in (if it hasn't already) and no one's going to give a ****.
If not that then our arthritic thumbs and mouse wheel haggard fingers will be so bent and twisted that the Internet and all it's doing are gonna be a anathema.

Am I the only one?

Julie (not verified) - May 30, 2009 @ 1:50pm

Am I the only person who refuses to use online apps? I don't mean facebook, I mean office apps. I don't want to store my documents online. I want my apps to be solely on my pc, so I don't have to be connected in order to do what I want to do. On top of that, I'm not interested in putting documents or pictures out there on a regular basis, not in the long run, at least. I can't see businesses and people using online apps over apps installed on their local pcs.

it's not free software if you can't change and share it.

eMBee (not verified) - May 31, 2009 @ 12:11pm

Davey> JavaScript is free. Chrome is open. Don't know about G Docs. is it proprietary?

yes. that's the point. pretty much any web application in popular use is not free software. the article by rms explains it.

the problem is that you can not change how google docs, gmail or facebook work. if you can't change it and share the changed version with others then it's not free software.

now go look and try to find any online service/application where you can change the code and share it, and then you'll see the problem.

lostson> [what about mono]

well, at least mono is still free software. google docs is not. yes, there is a patent problem, but only in countries where software patents are enforceable. patents do not diminish the value of free software (at least not for the fsf, otherwise they would not support a GNUdot project.

Gio> Google not a must...one can choose.

of course, but i think that the point of the article is that people do not realize that most online apps are not free and that they even should choose something else. i have seen friends that i believed were staunch defenders of free software use google docs without hesitation.

Alexander> encryption

would only solve the privacy problem, not the fact that the online app is not free. and no, it would not work at all, for eg google docs needs to work with the unencrypted content. and because of the online nature of the code you have no control over what other code is being downloaded and executed while you work. you can not audit the code before you use it, so how can you trust it to encrypt your data before storing it in the server?

Julie> Am I the only person who refuses to use online apps?

no, i am there with you. not one piece of my data will be trusted to servers where i don't have control over it.

greetings, eMBee.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.